文章目录

仅需一条命令

grep "Failed password for root" /var/log/secure | awk '{print $11}' | sort | uniq -c | sort -nr | more

结果类似下面这样:

4377 103.41.124.18
4368 103.41.124.65
3900 62.210.178.226
2214 103.41.124.33
 409 62.210.142.105
 404 115.231.222.45
 152 122.225.97.91
  95 122.225.109.205
  81 109.195.69.233
  42 74.52.105.154
  21 87.106.184.62
  21 87.106.1.211
  21 82.165.154.23
  21 69.64.64.62
  21 67.226.156.239
  21 61.40.192.52
  21 60.213.190.98
  21 27.251.179.130
  21 222.77.190.33
  21 211.172.219.251
  21 210.249.105.10
  15 220.194.46.36
  12 203.184.128.106
   1 60.190.71.52
   1 193.104.41.58

这样我们就可以很清楚的了解有谁在尝试破解我们的密码了,之后做个相关安全策略就可以简单防治了

文章目录